[debian-edu-commits] debian-edu/pkg-team/ 03/13: Imported Debian patch 0.1-3

Mike Gabriel sunweaver at debian.org
Wed Oct 1 02:59:14 UTC 2014


This is an automated email from the git hooks/post-receive script.

sunweaver pushed a commit to branch master
in repository ldap2bind.

commit 123fc0cde96cd3e314134dcdd638a3b3252c4ff5
Author: Benoit Mortier <benoit.mortier at opensides.be>
Date:   Tue Oct 20 00:39:24 2009 +0200

    Imported Debian patch 0.1-3
---
 changelog                          |   3 +
 debian/README.debian               |   6 ++
 debian/changelog                   |  20 ++++
 debian/compat                      |   1 +
 debian/control                     |  19 ++++
 debian/copyright                   |  12 +++
 debian/cron.d                      |   4 +
 debian/default                     |  26 +++++
 debian/dirs                        |   3 +
 debian/doc-base                    |   7 ++
 debian/docs                        |   1 +
 debian/install                     |   5 +
 debian/ldap2zone.lintian-overrides |   2 +
 debian/ldap2zone.manpages          |   2 +
 debian/rules                       |  48 +++++++++
 dnszonehowto.html                  | 202 +++++++++++++++++++++++++++++++++++++
 ldap2bind                          |  10 +-
 17 files changed, 369 insertions(+), 2 deletions(-)

diff --git a/changelog b/changelog
new file mode 100644
index 0000000..80bbfac
--- /dev/null
+++ b/changelog
@@ -0,0 +1,3 @@
+ldap2zone-0.1 2005-04-24
+ This is the very first release and consists of just the file ldap2zone.c
+
diff --git a/debian/README.debian b/debian/README.debian
index 1d2aebd..c3303d7 100644
--- a/debian/README.debian
+++ b/debian/README.debian
@@ -1,6 +1,12 @@
 ldap2zone for Debian
 --------------------
 
+This program extract dns record from ldap and create zone files for bind9
+
+Cajus Pollmeier <cajus at debian.org>, Thu, 17 Mar 2005 09:05:17 +0100
+ldap2zone for Debian
+--------------------
+
 This program extract dns record from ldap and create zone files
 
 Cajus Pollmeier <cajus at debian.org>, Thu, 17 Mar 2005 09:05:17 +0100
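Review bot: the added lines repeat the "ldap2zone for Debian" title, its underline and the description that are already present as context, so the patched README.debian contains the header twice and the description in two slightly different wordings. Keep a single header block and change only the description line to the new "for bind9" wording.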
diff --git a/debian/changelog b/debian/changelog
index 48102d3..ebb83d8 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,25 @@
+ldap2zone (0.1-3) unstable; urgency=low
+
+  * ldap2bind incorrectly looks for rndc and ldap2zone (Closes: #544855)
+  * correct bashism in /bin/sh script (Closes: #547749)
+
+ -- Benoit Mortier <benoit.mortier at opensides.be>  Tue, 20 Oct 2009 00:39:24 +0200
+
+ldap2zone (0.1-2) unstable; urgency=low
+
+  * Converted to new ldap api (Closes: #540293)
+  * Corrected binary-arch target (Closes: #540673)
+
+ -- Cajus Pollmeier <cajus at debian.org>  Wed, 12 Aug 2009 02:34:00 +0200
+
+ldap2zone (0.1-1) unstable; urgency=low
+
+  * Initial upload (Closes: #532665)
+
+ -- Cajus Pollmeier <cajus at debian.org>  Wed, 24 Jun 2009 10:02:00 +0200
 ldap2zone (0.1-1) unstable; urgency=low
 
   * Initial upload (Closes: #532665)
+  * Include cron script
 
  -- Cajus Pollmeier <cajus at debian.org>  Wed, 24 Jun 2009 10:02:00 +0200
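Review bot: the changelog ends up with two entries for version 0.1-1, and the added copy's trailer line runs straight into the existing "ldap2zone (0.1-1)" header with no blank line between them. Only the 0.1-3 and 0.1-2 entries should be added on top of the existing 0.1-1 entry. The "Include cron script" item is also added to the already uploaded 0.1-1 entry rather than to the release that introduces it; debian/rules derives VERSION from dpkg-parsechangelog, so this file needs to stay parseable.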
diff --git a/debian/compat b/debian/compat
index 7ed6ff8..fd3c81a 100644
--- a/debian/compat
+++ b/debian/compat
@@ -1 +1,2 @@
 5
+5
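Review bot: the added second "5" leaves debian/compat with two lines, while the file is expected to hold a single compatibility level. Drop the added line.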
diff --git a/debian/control b/debian/control
index d7d4ddb..2b3be45 100644
--- a/debian/control
+++ b/debian/control
@@ -1,6 +1,25 @@
 Source: ldap2zone
 Section: utils
 Priority: optional
+Maintainer: GOsa packages maintainers group <gosa-pkg at oss.gonicus.de>
+Uploaders: Cajus Pollmeier <cajus at debian.org>, Benoit Mortier <benoit.mortier at opensides.be>
+Standards-Version: 3.8.3
+Build-Depends: debhelper (>= 5.0.0), libldap2-dev, ldap-utils
+Homepage: https://oss.gonicus.de/labs/gosa
+Vcs-Browser: https://oss.gonicus.de/repositories/goto/trunk/ldap2zone
+Vcs-Svn: https://oss.gonicus.de/repositories/goto/trunk/ldap2zone
+
+Package: ldap2zone
+Architecture: any
+Depends: ${shlibs:Depends}, bind9
+Conflicts: ldapdns, ldap2dns
+Description: Extract DNS zones from LDAP trees
+ This is a tool that reads info for a zone from LDAP and constructs
+ a standard plain ascii zone file. The LDAP information has to be
+ stored using the dnszone schema.
+Source: ldap2zone
+Section: utils
+Priority: optional
 Maintainer: GOsa packages mainteners group <gosa-pkg at oss.gonicus.de>
 Uploaders: Cajus Pollmeier <cajus at debian.org>, Benoit Mortier <benoit.mortier at opensides.be>
 Standards-Version: 3.8.2
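Review bot: the added block ends with a second "Source: ldap2zone" / "Section" / "Priority" group placed directly after the Description of the binary package with no blank line, so the old source fields become part of the Package paragraph and Maintainer and Standards-Version appear twice with different values (3.8.3 and 3.8.2). Edit the existing source paragraph in place (fix the "mainteners" spelling, bump Standards-Version) and add the Package paragraph once, separated by a blank line.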
diff --git a/debian/copyright b/debian/copyright
index e6a5dd4..2c638c1 100644
--- a/debian/copyright
+++ b/debian/copyright
@@ -1,6 +1,18 @@
 This package was debianized by Cajus Pollmeier <cajus at debian.org>
 Thu, 17 Mar 2005 09:05:17 +0100.
 
+It was downloaded from http://www.venaas.no/dns/ldap2zone/
+
+Copyright:
+
+This software is copyright (C) 2004, 2005 Stig Venaas <venaas at uninett.no>
+
+Permission to use, copy, modify, and distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+This package was debianized by Cajus Pollmeier <cajus at debian.org>
+Thu, 17 Mar 2005 09:05:17 +0100.
+
 It was downloaded from http://www.uninett.no
 
 Copyright:
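Review bot: the patched file states two different download locations (http://www.venaas.no/dns/ldap2zone/ in the added lines, http://www.uninett.no in the context) and repeats the "This package was debianized by" paragraph and the "Copyright:" heading. Keep one copy of each, with the download URL that is actually correct, so the copyright holder and licence grant are stated once and unambiguously.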
diff --git a/debian/cron.d b/debian/cron.d
index 2984f81..e6949eb 100644
--- a/debian/cron.d
+++ b/debian/cron.d
@@ -2,3 +2,7 @@ PATH=/sbin:/bin:/usr/sbin:/usr/bin
 
 @reboot   bind  /usr/sbin/ldap2bind
 @hourly   bind  /usr/sbin/ldap2bind
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+
+ at reboot   bind  /usr/sbin/ldap2bind
+ at hourly   bind  /usr/sbin/ldap2bind
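Review bot: the added lines repeat the PATH assignment and both schedule entries that are already present as context, so the installed cron.d file would register the reboot and hourly ldap2bind jobs twice for the bind user. Nothing in this file needs to change for 0.1-3; drop the added lines.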
diff --git a/debian/default b/debian/default
index 6bdf670..e80bbe7 100644
--- a/debian/default
+++ b/debian/default
@@ -24,3 +24,29 @@ PREFIX="db."
 # Allow Updates from these networks (semicolon separated and ended)
 # DEFAULT: Don't allow updates
 #ALLOW_UPDATE="192.168.0.0/24;"
+# Configuration file for automatic deployment of ldap2zone generated zones to bind
+
+# Should we run the cronjob
+# DEFAULT: "false"
+RUN_DEPLOY="false"
+
+# How the LDAP server can be accessed
+# DEFAULT: "ldap://localhost"
+#LDAP_URI="ldap://localhost"
+
+# Where the zonefiles are located
+# DEFAULT: "/etc/bind"
+BIND_DIR="/etc/bind"
+
+# Time to live value for a and ptr records
+# DEFAULT: 500 Seconds
+TTL="500"
+
+# Prefix for zone definition files
+# DEFAULT: "db."
+# The zone definition file for 0.168.192.in-addr.arpa is stored as 'db.0.168.192.in-addr.arpa'
+PREFIX="db."
+
+# Allow Updates from these networks (semicolon separated and ended)
+# DEFAULT: Don't allow updates
+#ALLOW_UPDATE="192.168.0.0/24;"
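Review bot: the added block is a second full copy of the configuration, appended after the existing ALLOW_UPDATE comment. ldap2bind reads this file with ". /etc/default/ldap2zone", so the later assignments of RUN_DEPLOY, BIND_DIR, TTL and PREFIX win, and an administrator who edits only the first copy (for example setting RUN_DEPLOY to enable the cron job) will see no effect. Ship a single copy of each setting.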
diff --git a/debian/dirs b/debian/dirs
index dc52318..c011d58 100644
--- a/debian/dirs
+++ b/debian/dirs
@@ -1,3 +1,6 @@
 etc/default
 usr/sbin
 usr/share/doc/ldap2zone
+etc/default
+usr/sbin
+usr/share/doc/ldap2zone
diff --git a/debian/doc-base b/debian/doc-base
new file mode 100644
index 0000000..a014fae
--- /dev/null
+++ b/debian/doc-base
@@ -0,0 +1,7 @@
+Document: ldap2zone
+Title: ldap2zone howto
+Section: Programming/PHP
+
+Format: HTML
+Index: /usr/share/doc/ldap2zone/dnszonehowto.html
+Files: /usr/share/doc/ldap2zone/*.html
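Review bot: "Section: Programming/PHP" does not match the document being registered, which is a howto on storing DNS zones in LDAP for BIND 9. Pick a doc-base section for network or system administration so the document is filed where an administrator would look for it.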
diff --git a/debian/docs b/debian/docs
new file mode 100644
index 0000000..220e587
--- /dev/null
+++ b/debian/docs
@@ -0,0 +1 @@
+dnszonehowto.html
diff --git a/debian/install b/debian/install
index 4973182..5ce4968 100644
--- a/debian/install
+++ b/debian/install
@@ -3,3 +3,8 @@ usr/sbin/ldap2bind
 etc/default/ldap2zone
 usr/share/lintian/overrides/ldap2zone
 
+usr/sbin/ldap2zone
+usr/sbin/ldap2bind
+etc/default/ldap2zone
+usr/share/lintian/overrides/ldap2zone
+
diff --git a/debian/ldap2zone.lintian-overrides b/debian/ldap2zone.lintian-overrides
index 7501fe3..28a9981 100644
--- a/debian/ldap2zone.lintian-overrides
+++ b/debian/ldap2zone.lintian-overrides
@@ -1,2 +1,4 @@
 ldap2zone: binary-without-manpage usr/sbin/ldap2bind
 
+ldap2zone: binary-without-manpage usr/sbin/ldap2bind
+
diff --git a/debian/ldap2zone.manpages b/debian/ldap2zone.manpages
index b48c171..d42882a 100644
--- a/debian/ldap2zone.manpages
+++ b/debian/ldap2zone.manpages
@@ -1,2 +1,4 @@
 ldap2zone.1
 
+ldap2zone.1
+
diff --git a/debian/rules b/debian/rules
index dcd6652..1ded0c4 100755
--- a/debian/rules
+++ b/debian/rules
@@ -25,6 +25,54 @@ install: build
 #	install -d $(CURDIR)/debian/tmp/etc/default
 #	install -m 644 $(CURDIR)/debian/default $(CURDIR)/debian/tmp/etc/default/ldap2zone
 
+binary-arch: build install
+	dh_testdir
+	dh_testroot
+	dh_install --fail-missing --sourcedir=debian/tmp
+	dh_installman
+	dh_installchangelogs changelog
+	dh_installdocs debian/copyright
+	dh_compress
+	dh_fixperms
+	dh_installcron
+	dh_shlibdeps
+	dh_strip
+	dh_installdeb
+	dh_gencontrol
+	dh_md5sums
+	dh_builddeb
+
+binary: binary-arch
+binary-indep: binary-arch
+
+.PHONY: binary binary-arch clean checkroot
+#!/usr/bin/make -f
+
+PACKAGE=ldap2zone
+VERSION=$(shell dpkg-parsechangelog |grep "^Version:" | cut -f2 -d' ')
+
+build: build-stamp
+build-stamp:
+	dh_testdir
+	$(MAKE)
+	touch build-stamp
+
+clean:
+	dh_testdir
+	$(MAKE) clean
+	rm -f build-stamp
+	dh_clean
+
+install: build
+	dh_testdir
+	dh_testroot
+	dh_clean -k
+	dh_installdirs
+
+	$(MAKE) install DESTDIR=$(CURDIR)/debian/tmp
+#	install -d $(CURDIR)/debian/tmp/etc/default
+#	install -m 644 $(CURDIR)/debian/default $(CURDIR)/debian/tmp/etc/default/ldap2zone
+
 binary-indep: build install
 	dh_testdir
 	dh_testroot
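Review bot: the added lines paste a second copy of the top of the file (the "#!/usr/bin/make -f" line, PACKAGE, VERSION and the build, clean and install targets) into the middle of debian/rules, so those targets are defined twice. The new "binary-indep: binary-arch" line also collides with the existing "binary-indep: build install" target that follows as context, and .PHONY lists neither build nor install. Add only the binary-arch target and the binary/.PHONY lines, and decide in one place which of binary-arch and binary-indep carries the dh_* recipe.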
diff --git a/dnszonehowto.html b/dnszonehowto.html
new file mode 100644
index 0000000..d15fe08
--- /dev/null
+++ b/dnszonehowto.html
@@ -0,0 +1,202 @@
+<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
+<HEAD>
+<TITLE>How to use dnsZone with the BIND 9 sdb back-end</TITLE>
+</HEAD>
+<BODY>
+<H1>How to use dnsZone with the BIND 9 sdb back-end</H1>
+<H2>Record types</H2>
+The dnsZone class does not contain attributes for all known record types. The
+following types are missing: MF, MB, MG, MR, NULL, WKS, RP, AFSDB, X25, ISDN,
+RT, NSAP, NSAP-PTR, PX and GPOS. Anything defined after this document was
+written is obviously missing. If you want to add some record types that are
+defined by <A href="http://www.iana.org/assignments/dns-parameters">IANA</A>,
+please define it similar to what I've done for the existing ones. The name
+should be <em>{TYPE}Record</em>, and OID should be
+<em>1.3.6.1.4.1.2428.20.1.value</em>. For instance the RR type <em>LOC</em> has
+value <em>29</em>, so attribute name should be <em>LocRecord</em> (casing
+shouldn't matter), and the OID is <em>1.3.6.1.4.1.2428.20.1.29</em>. If you
+follow this, you know that it will be compatible with what I and others
+use, and I guarantee that the OIDs are unique.
+<p>
+The dnsZone class has attributes for some
+basic record types like A, SOA, etc. which are defined in the cosine schema
+and not in this schema. This means that your LDAP server must use both the
+cosine schema and this one. If you're not you should get an error from your
+LDAP server.
+<H2>Example 1</H2>
+Let's look at the following simple zone file.
+<pre>
+@       3600    IN      SOA     ns.my-domain.com. hostmaster.my-domain.com. (
+		                2001030201 3600 1800 604800 86400 )
+		        NS      ns.my-domain.com.
+		        NS      ns.other-domain.com.
+		        MX      10 mail.my-domain.com.
+		        MX      20 mail.other-domain.com.
+
+my-hosta                A       10.10.10.10
+                        MX	10 mail.my-domain.com.
+		        MX      20 mail.other-domain.com.
+www	 1800	 	CNAME	my-hosta.my-domain.com.
+my-hostb 3600           A       10.10.10.11
+                        MX	10 mail.my-domain.com.
+		        MX      20 mail.other-domain.com.
+</pre>
+This can be represented by the following LDIF file:
+<pre>
+dn: relativeDomainName=@, dc=my-domain, dc=com
+objectClass: dNSZone
+relativeDomainName: @
+zoneName: my-domain.com
+dNSTTL: 3600
+dNSClass: IN
+sOARecord: ns.my-domain.com. hostmaster.my-domain.com. 2001030201 3600 1800 604800 86400
+nSRecord: ns.my-domain.com.
+nSRecord: ns.other-domain.com.
+mXRecord: 10 mail.my-domain.com.
+mXRecord: 20 mail.other-domain.com.
+
+dn: relativeDomainName=my-hosta, dc=my-domain, dc=com
+objectClass: dNSZone
+relativeDomainName: my-hosta
+zoneName: my-domain.com
+dNSTTL: 86400
+dNSClass: IN
+aRecord: 10.10.10.10
+mXRecord: 10 mail.my-domain.com.
+mXRecord: 20 mail.other-domain.com.
+
+dn: relativeDomainName=www, dc=my-domain, dc=com
+objectClass: dNSZone
+relativeDomainName: www
+zoneName: my-domain.com
+dNSTTL: 1800
+dNSClass: IN
+cNAMERecord: my-hosta.my-domain.com.
+
+dn: relativeDomainName=my-hostb, dc=my-domain, dc=com
+objectClass: dNSZone
+relativeDomainName: my-hostb
+zoneName: my-domain.com
+dNSTTL: 3600
+dNSClass: IN
+aRecord: 10.10.10.11
+
+dn: relativeDomainName=my-hostb + dNSTTL=86400, dc=my-domain, dc=com
+objectClass: dNSZone
+relativeDomainName: my-hostb
+zoneName: my-domain.com
+dNSTTL: 86400
+dNSClass: IN
+mXRecord: 10 mail.my-domain.com.
+mXRecord: 20 mail.other-domain.com.
+</pre>
+<p>
+zoneName is the name of the zone, i.e. the name of the node in the zone
+that is highest up in the DNS tree. relativeDomainName is the name of
+the nodes relative to this, just like relative names in zone files
+dNSClass is not used by the sdb back-end, so you can leave it out if you
+like. The dNSTTL can also be left out, it will then default to the TTL
+specified in named.conf.
+<p>
+If you want RRs with the same name to have different TTLs (like
+my-hostb in the example), you will have to store it as multiple entries
+all including <em>relativeDomainName=my-hostb</em>. You will need at least as
+many entries as there are different TTLs. The main difficulty is to make
+sure that they all have unique DNs. The way I've chosen is to have a
+multi-valued RDN including dNSTTL, and put all RRs with the same TTL together.
+This is a bit ugly, but I think this is better than having one entry per RR.
+Let me know if you have other ideas.
+<p>
+When storing multiple zones you must make sure of course that the dn's are
+unique. This can easily be done by including the zoneName attribute in the
+DN. This can be done in several ways, one example would be
+<em>relativeDomainName=www, zoneName=my-zone, dc=my-domain, dc=com</em>.
+
+<H2>Example 2</H2>
+The schema is quite flexible as I'll try to show in the next two examples.
+If you have say the same MX records for the three hosts hosta, hostb and
+hostc, you might have one entry for each host and have the same mXRecord
+values in all the entries, or you can have one common entry with the
+mXRecords like this:
+<pre>
+dn: relativeDomainName=hosta, dc=my-domain, dc=com
+objectClass: dNSZone
+relativeDomainName: hosta
+relativeDomainName: hostb
+relativeDomainName: hostc
+zoneName: my-domain.com
+mXRecord: 10 mail.my-domain.com.
+mXRecord: 20 mail.other-domain.com.
+</pre>
+
+<H2>Example 3</H2>
+Assume that we have one web server with one IP address that is a virtual
+web server for hundreds of domains. Rather than having hundreds of similar
+entries, one for each zone, you might do as follows:
+<pre>
+dn: relativeDomainName=www, dc=my-domain, dc=com
+objectClass: dNSZone
+relativeDomainName: www
+zoneName: customerdomain1.com
+zoneName: customerdomain2.com
+...
+zoneName: customerdomain999.com
+aRecord: 10.10.10.10
+mXRecord: 10 mail.my-domain.com.
+mXRecord: 20 mail.other-domain.com.
+</pre>
+If you have a bunch of zones that are identical, except for the zone name,
+you might combine all their entries like above. Sort of like using the same
+zone file for multiple zones.
+
+<H2>Example 4</H2>
+Let's have a look at PTR records for reverse lookups for IPv4 addresses.
+Say you want to have a reverse for the address <em>1.2.3.4</em>. You then
+need a PTR record for <em>4.3.2.1.in-addr.arpa</em>. Using normal zone
+files you would typically have a file for the zone <em>3.2.1.in-addr.arpa</em>
+and inside that put say
+<pre>4 PTR my-hostc.my-domain.com.
+</pre>
+Using this back-end, you change <em>named.conf</em> like above, and use an
+LDAP entry like this:
+<pre>
+dn: relativeDomainName=4, zoneName=3.2.1.in-addr.arpa, dc=my-domain, dc=com
+objectClass: dNSZone
+relativeDomainName: 4
+zoneName: 3.2.1.in-addr.arpa
+pTRRecord: my-hostc.my-domain.com.
+</pre>
+Note that the DN can be whatever you like. If you use a DN like the above,
+you can use <em>zoneName=3.2.1.in-addr.arpa, dc=my-domain, dc=com</em> as
+the search base in the URL in <em>named.conf</em>.
+
+<H2>Example 5</H2>
+As a final example, you might try to search below
+<A href="ldap://ldap.venaas.no/dc=venaas,dc=com,o=DNS,dc=venaas,dc=no">
+ldap://ldap.venaas.no/dc=venaas,dc=com,o=DNS,dc=venaas,dc=no</A>. There
+you will find the zone data for venaas.com.
+You can also browse my directory data using
+<a href="http://sites.inka.de/ms/cgi-bin/web2ldap.fcgi/ldapurl?ldap://garibaldi.venaas.no/dc=venaas,dc=com,o=DNS,dc=venaas,dc=no??sub?(objectclass=*)">web2ldap</a>.
+The master server for
+venaas.com uses this server. The slave uses normal zone transfers.
+
+<H2>Summary</H2>
+As should be evident from the examples, you have great flexibility when
+using this schema with the BIND9 back-end. The tree structure, the dn's,
+doesn't matter at all, the back-end simply does a sub-tree search using
+the base specified in named.conf for all entries in the wanted zone with
+the wanted name. For example when someone tries to look up the node
+<em>my-hosta.my-domain.com</em> it simply does a sub-tree search at the base
+given in <em>named.conf</em> with the filter
+<em>(&(zoneName=my-domain.com)(relativeDomainName=my-hosta))</em>. If someone
+looks up <em>my-domain.com</em> it uses the filter
+<em>(&(zoneName=my-domain.com)(relativeDomainName=@))</em>, and finally if
+someone wants to get the entire zone, for example a secondary using AXFR,
+it uses the filter <em>(zoneName=my-domain.com)</em>. Wildcards are not
+supported.
+<hr>
+<address>
+<a href="mailto:venaas at uninett.no">venaas at uninett.no</a>
+</address>
+Last modified: 2002-02-03
+</BODY>
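Review bot: the LDAP filters in the Summary section are written with a bare "&", as in "(&(zoneName=my-domain.com)(relativeDomainName=my-hosta))"; in HTML this should be "&amp;" so the filter is rendered reliably. Example 4 also says to change named.conf "like above", but no named.conf fragment appears anywhere in the file, so a reader of the packaged howto has nothing to refer to. The "zone files" sentence before "dNSClass is not used" is missing its full stop.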
diff --git a/ldap2bind b/ldap2bind
index 4f84ce7..8d577d4 100755
--- a/ldap2bind
+++ b/ldap2bind
@@ -2,7 +2,11 @@
 
 [ -r /etc/default/ldap2zone ] && . /etc/default/ldap2zone
 
-[[ ${LDAP_URI} =~ 'ldap''s'?'://''.'* ]] || LDAP_URI="ldap://${LDAP_URI}"
+case "$LDAP_URI" in 
+ldap://*|ldaps://*) ;; 
+ *) LDAP_URI="ldap://${LDAP_URI}" ;; 
+ esac
+
 LDAPSEARCH=`which ldapsearch`
 LDAP_URI_PARAM=${LDAP_URI:+"-H $LDAP_URI"}
 ALLOW_UPDATE_PARAM=${ALLOW_UPDATE:+"allow-update {$ALLOW_UPDATE};"}
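Review bot: the "*)" arm of the new case also matches an empty or unset LDAP_URI and any other scheme such as ldapi://, so LDAP_URI becomes "ldap://" or "ldap://ldapi://..." and the "${LDAP_URI:+...}" test two lines below can never yield an empty parameter. debian/default ships LDAP_URI commented out, so the empty case is the default path. Add an explicit "") arm that leaves the variable empty, and either list the further schemes that should pass through or fail with an error for unknown ones. The three added lines ending in "in", ";;" and ";;" carry trailing whitespace, and "*)" and "esac" are indented differently from "case".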
@@ -53,6 +57,8 @@ for domain in $ZONES; do
 
 	result=$($rndc reload $domain 2>&1)
 	if [ $? -ne 0 ]; then
-		echo -e "Reloading the zone '$domain' failed:\n$result" 1>&2
+		prinf "Reloading the zone '$domain' failed:\n$result" 1>&2
+	else
+		printf "Reloading the zone '$domain' was successful\n" 1>&2
 	fi
 done
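Review bot: "prinf" in the failure branch is a typo for printf, so when rndc reload fails the shell reports an unknown command and the rndc output held in $result is never shown. Once corrected, pass the variables as arguments to a fixed format string instead of expanding them inside it, e.g. printf "Reloading the zone '%s' failed:\n%s\n" "$domain" "$result" 1>&2, since any "%" or backslash in the rndc output would otherwise be interpreted by printf. The new success message is also sent to stderr; with the hourly cron entry that produces output on every successful run, so write it to stdout or drop it.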

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-edu/pkg-team/ldap2bind.git


